Top Trump cybersecurity advisor taken to task over his own insecure website

When it comes to Donald Trump, it’s getting harder by the day to be surprised.

His latest mishap comes from a cabinet appointment, former New York City mayor Rudy Giuliani. It’s Giuliani, now, that’s tasked with protecting our nation from the best and most sophisticated cyber criminals both foreign and domestic. And it’s Giuliani that today got schooled on the perils of not practicing what you preach.

CNBC reported that Dan Tentler, founder of Phobos Group was able to pull up “read me” files — while using a tethered mobile device, on an airplane — removed by even the most novice of website administrators. “This is really, really, really basic — it barely even qualifies as security,” Tentler said. “Those files give you all the information you need to do nefarious things. This is horrifying. This organization that bills itself as a security company has taken zero time to harden its own website.”

Or there’s this screenshot, showing Giuliani’s expired SSL certificate and failure to force users to a secure (https) connection.

That’s right, our top cybersecurity advisor isn’t using an encrypted connection on his own website.

Then there’s Flash. Flash is so vulnerable that even Adobe isn’t using it anymore these days. Doesn’t matter; Giuliani likes things that move and (presumably) hasn’t heard of HTML5, CSS3, Javascript, or any one of countless other ways to provide seamless transitions or animation without the use of Flash.

I’d encourage you to check this out yourself, but the site is currently down due to high traffic. *facepalm*

Again, though, it’s hard to be surprised. This is just the latest in a series of puzzling cabinet appointments that led us to where we are today. And where we are today is a nation that’s soon to be led by a cybersecurity advisor that doesn’t seem to understand cybersecurity.

Welcome to 2017, the show where the news is made up and the cabinet picks don’t matter.